×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Security Violations

Security Violations

Security Violations

(OP)
Hithere,
I was wondering if there was any way of getting a more detailed report on when security violations actually occur?  Ive tried the "List measurements security summary and detail" but they seem just to be totals.

Can anyone suggest anything?

Thanks in advance

John

RE: Security Violations

John

I know if you are using r9 there is a way to have your switch call an extension when a security violation occures however I dont know of any other reports

hope this helps.

José

Please let me know if this was helpful

RE: Security Violations

(OP)
Thanks Jose,

We already have that set up to call my mobile but other than printing off the detail report every day and comparing the failed login attempts for each available login, I cant see how to monitor where the problem lies?

Thanks for helping out.

John

RE: Security Violations

ScottyJohn,
In order to route the call to a mobile, you must first route the call to a VDN with a vector attached containing the Mobile Number - Right ?

If this is the case you could set the VDN to measured and although you won't see which LogonID generated the violation you will be able to report on which intervals the violations occured in.

Hope this helps....

Paul

RE: Security Violations

You are geting them reguraly?

I have found cdr to be helpful in tracking down the problem.

Jose

José

Please let me know if this was helpful

RE: Security Violations

(OP)
Thank you guys for your suggestions.  What we have done is to remove all of the dead logins from the switch and cleared the security violations measurement to zero.  This means that we will check this with our alarms check every morning and this will let us know immediately which login was trying to be used.

Jose, how would you go about using the CDR data to track this?

Many thanks again.

John

RE: Security Violations

Scottyjohn,

You maybe able to get more details by having a look at how they're attempting to login - I presume you guys are using data modules or IP depending on the version. I presume they're login on via the tracker or inads port - if your site has the inads port on a seperate line it's not to easy to track but if the tracker is through the switch then you can allways add an analogue bridge to your station to get a visible indication of when anyone tries to access the tracker and use cdr to try and capture any ani (however i doubt there will be any).

Hope this helps,

Chris

RE: Security Violations

scottyjohn,
You definetely have an option available in Definity to trace out the reports, What you can do is First administer the extensions in "ch sys secu" once done you'll get the notification on some phone whenever the voilation occurs aprt from this to take out a detailed list of all the voilations you can issue " monitor security login/auth/remo" to see each & every possible detail on it...
I am using this feature with my switch & this works perfect.

Hope this help, let me know...

RE: Security Violations

(OP)
Thanks Definity and all,
The monitor feature gives me all the detail I was looking for!

Cheers

John

RE: Security Violations

I am Glad I could help you with it..
Regards,

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close